The Truth! Your Network WILL Handle the Truth with NetBox Jeremy Stretch Season 3, Talk 6 Hosted by Hank Preston, NetDevOps Engineer Network to Code Twitter: @hfpreston Twitter: @jstretch85 https://developer.cisco.com/netdevops/live NetBox as a Source of Truth NetDevOps Live! May 12, 2020 www.networktocode.com What is a Source of Truth (SoT)? • Designated authority over a specific data domain – Where to find the “correct” value for a piece of data • Traditional examples: – IPAM server – DNS server – Spreadsheets • Crucial that sources of truth never overlap www.networktocode.com SoT in Practice Legacy Approach SoT Approach • Configure hosts in each tool ● Data is only entered into the SoT individually ● All tools populate directly from the • Import from one tool to another SoT depending on availability of ○ Can be pull or push information ○ Precise method of population may • No checks in place to ensure vary among tools consistent data across all tools ● The data within each tool can be validated against the SoT at any time www.networktocode.com What is NetBox? • A SoT for various domains of network infrastructure – IPAM, DCIM, circuits, tenancy, etc. • Provides a structured data model with integration points – REST API, webhooks, plugins, etc. • Written in Python using the Django web framework • Open source and freely available – Apache 2.0 license www.networktocode.com NetBox History Started by Jeremy John Anderson Repo moved to its Stretch as an internal signs on as a own GitHub PoC at DigitalOcean maintainer organization June 2016 February 2019 September 2019 Late 2015 August 2018 June 2019 Released as open Daniel Sheppard NTC announces source (Apache 2) joins maintainers commercial support team for NetBox www.networktocode.com Application Architecture nginx or Apache HTTP daemon Handles HTTP requests Django/Python Application Framework for application logic gunicorn or uWSGI WSGI WSGI middleware PostgreSQL Database Relational database Redis Queuing/caching In-memory key-value store www.networktocode.com Design Philosophy • Replicate the real world – Data model is tightly coupled to real-world constraints • Function as a source of truth for the network – Use NetBox to provision devices, not vice versa • Keep things simple – High value and ease of maintenance are preferred over 100% complete solutions www.networktocode.com Functional Scope • Number resources (IPAM) – Prefixes, IPs, VRFs, VLANs, AS numbers • Physical infrastructure – Sites, racks, devices, cables, power • Virtual machines and clusters • Data circuits • Secrets (e.g. login credentials) www.networktocode.com Some Things NetBox Doesn’t Do • DHCP server • DNS server • Asset tracking • Authentication server (e.g. RADIUS/LDAP) • Network monitoring • Device orchestration www.networktocode.com Why Use NetBox? • Open source – Actively maintained and developed • Emphasis on programmability and integration • Strong support community • Extensible www.networktocode.com Integration with Other Tools • REST API – Push and pull data in JSON format over HTTP • Webhooks – Send HTTP requests to other tools in response to events • Django ORM/Python shell • Custom scripts – Execute arbitrary Python directly from the NetBox UI/API www.networktocode.com REST API # Send a POST request with the desired object attributes $ curl -X POST \ -H "Authorization: Token $TOKEN" \ -H "Content-Type: application/json" \ -H "Accept: application/json; indent=4" \ https://netbox/api/ipam/prefixes/ \ --data '{"prefix": "192.0.2.0/24", "status": "active"}' # Receive a HTTP 201 CREATED response { "id": 18686, "family": { "value": 4, "label": "IPv4" }, "prefix": "192.0.2.0/24", "status": { "value": "active", "label": "Active", } } www.networktocode.com www.networktocode.com Webhooks • Created under NetBox admin UI for specific object types • Fire in response to objects being created, updated, and/or deleted • Request headers and body can be templated using Jinja2 www.networktocode.com Python Shell/Django ORM # Enter the NetBox shell $ ./manage.py nbshell ### NetBox interactive shell (demohost) ### Python 3.6.9 | Django 3.0.8 | NetBox 2.8.1 ### lsmodels() will show available models. Use help(<model>) for more info. >>> # Retrieve a device >>> router = Device.objects.get(name='dc1-edge1') >>> router <Device: dc1-edge1> >>> router.device_type <DeviceType: MX240> # Work with related objects >>> router.interfaces.count() 42 # Modify and save >>> router.serial = 'FAC98210' >>> router.save() www.networktocode.com Custom Scripts • Arbitrary Python scripts uploaded to NetBox to automate tasks – Ex: Populate base devices, prefixes, etc. for a new site – Ex: Detect and automatically correct data discrepancies • Leverages the Django ORM to obviate direct database access • Can be executed via web UI or REST API • Custom reports – Similar to scripts but focused on validation www.networktocode.com www.networktocode.com Integration Examples Webhook API API Webhook Webhook API API www.networktocode.com NetBox & Network to Code • NTC offers commercial support for NetBox – Help with install, maintenance, custom development, etc • We also offer customised training and professional services – Custom plugin development, custom scripts, reports, SoT integrations, etc. Contact [email protected] www.networktocode.com Resources github.com/netbox-community/netbox Code netbox.readthedocs.io/ Documentation #netbox on networktocode.slack.com [email protected] Community www.networktocode.com NetDevOps Tech Chat © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public </finish> © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public Webinar Resources on DevNet! • Docs and Links • Learning Labs • DevNet Sandboxes • Code Samples developer.cisco.com/netdevops/live/#s03t06 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public NetDevOps Live! Code Exchange Challenge developer.cisco.com/codeexchange Use NetBox as a Source of Truth in an automation project. Use it to drive configuration, or verify it. Your call! Example: Check to see if interface descriptions configured on a switch match what’s listed in NetBox © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public Looking for more about NetDevOps? • NetDevOps on DevNet developer.cisco.com/netdevops • NetDevOps Live! developer.cisco.com/netdevops/live • NetDevOps Blogs blogs.cisco.com/tag/netdevops • Network Programmability Basics Video Course developer.cisco.com/video/net-prog-basics/ © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public Join us next week! Logging and Back Again - A Network Engineers Journey with ELK May 19, 2020 with George Kobar https://developer.cisco.com/netdevops/live/#s03t07 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public Got more questions? Stay in touch! Hank Preston developer.cisco.com [email protected] @CiscoDevNet @hfpreston facebook.com/ciscodevnet/ http://github.com/hpreston http://github.com/CiscoDevNet © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public https://developer.cisco.com/netdevops/live @netdevopslive.